Commit Graph

4875 Commits

Author SHA1 Message Date
toddouska 2d13a43e71 Merge pull request #3819 from elms/fix/nightly_g++
ssl: fix g++ compile warning with explicit cast
2021-02-25 16:04:05 -08:00
Elms afbe3607d7 ssl: fix g++ compile warning with explicit cast
cast OpenSSL callback to `void*` for storage as context to be used by
static callback
2021-02-25 11:01:16 -08:00
Sean Parkinson d271092aef ASN: move wolfSSL_i2d_X509_NAME to ssl.c
Move WOLFSSL_X509_NAME APIs out of asn.[ch].
2021-02-25 11:45:12 +10:00
toddouska 94a23c1d48 Merge pull request #3646 from julek-wolfssl/nginx-1.19.6
Add support for Nginx 1.19.6
2021-02-24 12:21:51 -08:00
Eric Blankenhorn 1d16af4f32 Warnings and error fixes 2021-02-24 09:08:15 -06:00
toddouska e471cba8df Merge pull request #3780 from SparkiDev/tls13_key_up_resp
TLS 1.3: add API to tell if a KeyUpdate response is required
2021-02-23 11:57:10 -08:00
Juliusz Sosinowicz d074e7443f Remove default ticket cb as this will be added in another PR 2021-02-23 10:06:11 +01:00
David Garske b5239f97c4 Fixes for warnings in Windows. Fix for failing wc_BufferKeyEncrypt with PBKDF disabled. ZD 11759. 2021-02-22 16:51:17 -08:00
Sean Parkinson 41c4a25b25 Merge pull request #3785 from embhorn/zd11752
Fix ret val for wolfSSL_BIO_set_ssl
2021-02-22 08:34:47 +10:00
Eric Blankenhorn ebb2c7ae71 Fix ret val for wolfSSL_BIO_set_ssl 2021-02-19 16:35:01 -06:00
JacobBarthelmeh 8d7c61cf10 prep for Async release 2021-02-19 11:51:23 -07:00
Sean Parkinson fa7b5f55ee TLS 1.3: add API to tell if a KeyUpdate response is required 2021-02-19 10:21:08 +10:00
Sean Parkinson ad58478d29 Merge pull request #3765 from embhorn/zd11703
Validate name size
2021-02-18 08:42:26 +10:00
Sean Parkinson 276e090a1f Merge pull request #3763 from embhorn/zd11726
Adding wolfSSL_CTX_get_TicketEncCtx
2021-02-18 08:35:03 +10:00
Eric Blankenhorn caa39f78ae Fix from review and leak in wolfSSL_X509_get_serialNumber 2021-02-17 13:53:30 -06:00
Eric Blankenhorn 608083f559 Add more checks for name->sz 2021-02-17 12:19:42 -06:00
Jacob Barthelmeh 4def38dd7e fix build for apache without tls 1.3 2021-02-17 18:23:03 +07:00
Eric Blankenhorn 806b5d7d23 Validate name size 2021-02-16 14:58:58 -06:00
Juliusz Sosinowicz 89fd0b375b Correctly read anon cipher run-time options 2021-02-16 14:27:19 +01:00
Juliusz Sosinowicz 9265c3f71f Use native API for ticket callback 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz 0ae1a8b8c5 Jenkins fixes
- Change pushCAx509Chain to an iterative implementation
- Fix variable names shadowing global names
2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz e80158a96e Set full chain with known CA's in wolfSSL_set_peer_cert_chain 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz b90862fa3f Free OcspEntry.status only when the struct owns the pointer 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz 26df833074 Compat layer session tickets
- OpenSSL uses an internal mechanism by default for session tickets. This is now implemented for OPENSSL_EXTRA in wolfSSL.
- Add testing of wolfSSL_CTX_set_tlsext_ticket_key_cb
2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz 9a1e54cfd5 Nginx 1.19.6 Fixes 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz b63f43a2af Nginx 1.19.6
- Implement X509_pubkey_digest
- Initialize entire WOLFSSL_X509_NAME struct to zero
- Set raw and rawLen when copying WOLFSSL_X509_NAME
2021-02-16 14:25:45 +01:00
Eric Blankenhorn b7b07e1945 Adding wolfSSL_CTX_get_TicketEncCtx 2021-02-15 11:28:46 -06:00
Jacob Barthelmeh 0b0f370384 fix for haproxy and nginx build 2021-02-15 22:09:44 +07:00
Sean Parkinson ba1c67843a Merge pull request #3752 from JacobBarthelmeh/Jenkins
changes from nightly Jenkins test review
2021-02-15 16:32:40 +10:00
Sean Parkinson 505514415d Merge pull request #3748 from JacobBarthelmeh/Testing
always check index into certs
2021-02-15 08:20:28 +10:00
Jacob Barthelmeh 1c852f60ab fix for g++ build 2021-02-12 23:26:54 +07:00
Jacob Barthelmeh 0938a0055d always use MAX_CHAIN_DEPTH for args->certs buffer 2021-02-12 15:18:14 +07:00
toddouska f0ce6ada0f Merge pull request #3702 from guidovranken/zd11603
Prevent dangling pointer in TLSX_Cookie_Use
2021-02-11 12:31:02 -08:00
toddouska 80b9949052 Merge pull request #3739 from kaleb-himes/FusionRTOS-Porting-R3
Fusion RTOS porting round 3
2021-02-11 12:25:55 -08:00
toddouska 39cb84de25 Merge pull request #3697 from julek-wolfssl/openvpn-2.5-missing-stuff
OpenVPN master additions
2021-02-11 08:56:45 -08:00
Jacob Barthelmeh 90140fc5a4 always check index into certs 2021-02-11 21:50:51 +07:00
toddouska 032cc1645c Merge pull request #3713 from SparkiDev/tls_def_sess_ticket_cb
TLS Session Ticket: default encryption callback
2021-02-10 16:13:33 -08:00
toddouska 67b1280bbf Merge pull request #3545 from kabuobeid/smime
Added support for reading S/MIME messages via SMIME_read_PKCS7.
2021-02-10 15:59:32 -08:00
kaleb-himes 223ba43c2c Add debug message regarding failure 2021-02-10 12:15:43 -07:00
kaleb-himes 9e6ab4ab70 Address indendation, fix return on stub, remove warning 2021-02-10 11:26:29 -07:00
kaleb-himes 4c171524dd Address missed CloseSocket item and revert some white space changes 2021-02-10 09:14:54 -07:00
kaleb-himes 7e428f90f2 Revert zero return, to be handled in stand-alone PR 2021-02-10 05:31:57 -07:00
kaleb-himes 15f9902e94 Address new file issue by Jenkins and peer feedback on return val of time 2021-02-10 04:16:34 -07:00
Sean Parkinson 794cb5c7a9 TLS Session Ticket: default encryption callback
Encrypts with ChaCha20-Poly1305 or AES-GCM.
Two keys in rotation.
Key used for encryption until ticket lifetime goes beyond expirary
(default 1 hour). If key can still be used for decryption, encrypt with
other key.
Private random used to generate keys.
2021-02-10 14:31:54 +10:00
kaleb-himes 89b97a0fbf Implement peer feedback 2021-02-09 18:42:23 -07:00
toddouska f63f0ccb94 Merge pull request #3740 from SparkiDev/tls13_one_hrr_sh
TLS 1.3: Only allow one ServerHello and one HelloRetryRequest
2021-02-09 14:59:10 -08:00
toddouska 9a7aba265a Merge pull request #3716 from kaleb-himes/OE10_ACVP_OE13_ACVP_WPAA
OE10 and OE13 ACVP updates for armv8 PAA
2021-02-09 14:50:42 -08:00
Kaleb Himes 73d7709724 Update comment about location for porting changes. 2021-02-09 15:39:12 -07:00
kaleb-himes 6d23728a56 Fusion RTOS porting round 3 2021-02-09 15:33:06 -07:00
toddouska 250b59f8fd Merge pull request #3688 from julek-wolfssl/correct-cert-free
Use wolfSSL_X509_free to free ourCert
2021-02-09 12:41:12 -08:00